QuickTime Security Update

If you’re an avid QuickTime user, you may have already heard about this, but just in case you haven’t, I’m here to fill you in today. Awhile back, an exploitable hole was discovered in the Apple QuickTime program that also involved the Mozilla Firefox Web browser. So, if you’re a fan of both Firefox and QuickTime, you’ll definitely want to pay attention to this tip. It’s not something that should be taken lightly. Okay, let’s check it out!

This is basically what happened: the exploit allowed Firefox to pass a JavaScript code on to QuickTime, which would then be passed back to Firefox if it was set as the default browser on the PC. Therefore, the code could run itself without being checked, which would give malicious users complete access to the computer. That access included the user’s file system and command lines, which is never good news. Luckily, once the Apple and Mozilla companies found out about this security issue, they took charge right away. First, Mozilla released Firefox 2.0.0.7, which took care of a big chunk of the exploit. You can read more about that here.

With the Firefox update in place, the malicious JavaScript code can no longer run on any computer that has Firefox set as the default browser. Then, a couple weeks ago (around Oct. 4, 2007), Apple was able to create a fix to shut down the other half of the exploit. So, when you use Firefox and QuickTime together, you no longer have to worry about falling into a security hole. Your computer will now be safe from any harm. Apple actually posted a complete security bulletin about this issue on their Web site, so you can read more about it here if you’d like. Also, just to let you know, this exploit only affected the QuickTime 7.2 version. So, there you have it. Another security issue is now a thing of the past. Stay safe out there, my friends!